Australian Financial Watchdog ASIC Suffers a Cyber Attack

The Australian Securities and Investments Commission (ASIC)confirmed on Monday that one of its servers suffered a cyber-attack. The attack, which reportedly occurred on January 15 targeted the financial watchdog’s Accellion software. ASIC was using the software for files and attachments transfer.

According to ASIC, the perpetrators were able to gain access to the server with documentation about credit licensing applications. ASIC recently updated its licensing and registration activities and in the process approved 394 new AFS credit licenses. In the update, ASIC also revealed that it received 15,000 professional and licensing applications including 1,346 AFS requests.

ASIC is yet to elaborate on the method of the attack as details of the hack are not yet public. ASIC stated that the reason behind scanty details about the attack is because the investigation is still ongoing. However, the financial watchdog did say that the hackers could have accessed some information stored on the targeted server.

“It appears that there is some risk that some limited information may have been viewed by the threat actor.”

ASIC Disabled Compromised Server

ASIC added that there is however no evidence that the attackers opened or downloaded any Australian credit license application forms.  Following the attack on Accellion, ASIC said the server has since been disabled and no other servers were compromised.

The watchdog has adopted a temporary alternative method for subsequent credit attachments’ submission.

“ASIC is working on alternative arrangements for submitting credit application attachments, which will be implemented shortly.”

ASIC has contacted Accellion, involved agencies, and affected parties to respond to and manage the incident. Accellion is a US-based private cloud solutions company that focuses on offering secure file sharing and collaboration. It is ranked as one of the best cloud storage and sharing software for organizations and agencies.

ASIC Among Many Victims of Rampant Cyber Attacks

Cyber attacks on organizations and government agencies have become very widespread in the last few years. Hackers are increasingly targeting stock exchanges and regulators and brokers in the financial markets.

In Similar ASIC news, the New Zealand Stock exchange suffered one of the biggest coordinated cyber attacks of 2020. The series of attacks, known as the distributed-denial-of-service (DDoS) lasted for several days, causing service outages for almost one week.

Large enterprises have also fell victim to ransomware attacks from hackers who ask for millions of dollars in compensation.